<?php

/** 
* 
* 
* by:南宁火蝶科技有限公司 http:///www.HdsysCms.com
* 声明:本系统禁止用二次开发、侵犯HdsysCms著作和除去HdsysCms进行售卖,如发现将追究一切权利,模版制作属于自己所得可以通过本系统对外开发模版获取收益!
* 
* 2019年第一版本发布 - 到2023.9.1开源使用! 
* php混淆工具:phpencry.wbox.top
* 
* 注意防骗:@HdsysCms 官方没授权任何个人机构合作,唯一收款抬头:《南宁火蝶科技有限公司》和官网显示客服唯一渠道客服,其它渠道以HdsysCms名义行为均骗子!
*
*/
	

defined('HDSYS_SET') or call_my_die("" . 'Not,This File Not Can in Ie Open');
if (HDSYS_SET !='ADMIN') {
call_my_die('访问路径错误.');
}
class UpFile
{
public function __construct()
{
$this->intelligence_session=bs_lib::load_libhdsys_class("" . 'session');
$this->intelligence_session->intelligence_session_open();
$this->intelligence_db=bs_lib::load_libhdsys_class(templates_Verifications_db());
isadminlogin();
}
public function call_ups()
{
$param_arr=$_FILES["file"];
if ($param_arr["type"] !="image/jpg" and $param_arr["type"] !="image/jpeg" and $param_arr["type"] !="image/png"  and $param_arr["type"] !="image/gif") {
print_json(array(call_my_str_code()=> call_my_int_aeg1(), call_my_str_msg()=> '上传的文件类型不符jpg/png/gif 你上传类型为' . $param_arr["type"]));
}
if ($param_arr["size"] > 50241000) {
print_json(array(call_my_str_code()=> call_my_int_aeg1(), call_my_str_msg()=> '上传文件不能大5M,请压缩在上传'));
}
$param_arr["tmp_name"];
if (!is_dir(HDSYS_DIR_SYS . "upfiles")) {
mkdir(HDSYS_DIR_SYS . "upfiles", 0777, true);
}
if (!is_dir(HDSYS_DIR_SYS . "upfiles")) {
mkdir(HDSYS_DIR_SYS . "upfiles", 0777, true);
}
$param_dir=HDSYS_DIR_SYS . "upfiles/img";
if (!is_dir($param_dir)) {
mkdir($param_dir, 0777, true);
}
$param_filename=$param_dir . '/' . date('YmdHis') . '.png';
move_uploaded_file($param_arr["tmp_name"], $param_filename);
print_json(array(call_my_str_code()=> call_my_int_1(), call_my_str_msg()=> '文件上传成功', 'url'=> "upfiles/" . 'img' . '/' . date('YmdHis') . '.png'));
}
public function call_UpTemplates()
{
$param_newwidth=set_get('' . 'newwidth');
$param_filename=set_get('' . 'filename');
$param_arr=$_FILES["file"];
if ($param_arr["type"] !="image/jpg" and $param_arr["type"] !="image/jpeg" and $param_arr["type"] !="image/png" and $param_arr["type"] !="image/gif") {
print_json(array(call_my_str_code()=> call_my_int_aeg1(), call_my_str_msg()=> '上传的文件类型不符jpg/png/gif 你上传类型:' . $param_arr["type"]));
}
if ($param_arr["size"] > 50241000) {
print_json(array(call_my_str_code()=> call_my_int_aeg1(), call_my_str_msg()=> '上传文件不能大5M,请压缩在上传'));
}
$param_templates=set_get('templates');
$param_templates=call_my_str_replace('/', '', $param_templates);
$param_templates=call_my_str_replace('\\', '', $param_templates);
$param_templates=call_my_str_replace('..', '', $param_templates);
if ($param_templates=='') {
$param_templates=intelligence_get_templates_dir();
}
$param_dir='templates/' . $param_templates . "/statics";
if (!is_dir(HDSYS_DIR_SYS . $param_dir)) {
if (new_is_writeable(HDSYS_DIR_SYS . $param_dir)) {
mkdir(HDSYS_DIR_SYS . $param_dir, 0777, true);
} else {
print_json(array(call_my_str_code()=> call_my_int_aeg1(), call_my_str_msg()=> $param_dir . '目录没有权限写入，请设置可写权限777'));
}
}
$param_dir='templates/' . $param_templates . "/statics/upfiles";
$param_dir_var="templates/{__TEMPLATES__}/statics/upfiles";
if (!is_dir(HDSYS_DIR_SYS . $param_dir)) {
if (new_is_writeable(HDSYS_DIR_SYS . $param_dir)) {
mkdir(HDSYS_DIR_SYS . $param_dir, 0777, true);
} else {
print_json(array(call_my_str_code()=> call_my_int_aeg1(), call_my_str_msg()=> $param_dir . '目录没有权限写入，请设置可写权限777'));
}
}
if (new_is_writeable(HDSYS_DIR_SYS . $param_dir)) {
} else {
print_json(array(call_my_str_code()=> call_my_int_aeg1(), call_my_str_msg()=> $param_dir . '目录没有权限写入，请设置可写权限777'));
}
if ($param_filename=='') {
$param_filename=time();
}
$param_md5_param_filename=md5($param_filename);
$param_filename=$param_dir . '/' . $param_md5_param_filename . '.png';
$param_filename_echo='{__URL__}' . $param_dir_var . '/' . $param_md5_param_filename . '.png';
if (file_exists(HDSYS_DIR_SYS . $param_dir)) {
@unlink(HDSYS_DIR_SYS . $param_dir);
}
$param_base64=set_get('base64');
$param_newwidth=set_get('newwidth');
$param_data=file_get_contents($param_arr["tmp_name"]);
$param_data=call_my_ResizeImage($param_data, $param_newwidth, call_my_str_replace('image/', '', $param_arr["type"]));
if ($param_base64==1) {
$param_base64=base64_encode($param_data);
print_json(array(call_my_str_code()=> call_my_int_1(), call_my_str_msg()=> '文件上传成功', 'type'=> $param_arr["type"], 'url'=> 'data:image/' . call_my_str_replace('image/', '', $param_arr["type"]) . ';base64,' . $param_base64));
}
file_put_contents(HDSYS_DIR_SYS . $param_filename, $param_data);
print_json(array(call_my_str_code()=> call_my_int_1(), call_my_str_msg()=> '文件上传成功', 'url'=> $param_filename_echo . '?' . date('YmdHis'), 'tmp_url'=> getsysurl() . $param_filename . '?' . date('YmdHis')));
}
public function call_manager_ajax()
{
$param_php_path=HDSYS_DIR_SYS . '/';
$param_php_url='../';
$param_root_path=$param_php_path . '/upfiles/attached/';
$root_url=$param_php_url . 'upfiles/attached/';
$param_ext_arr=array('gif', 'jpg', 'jpeg', 'png', 'bmp');
$param_dir_name=empty($_GET['dir']) ? '' : trim($_GET['dir']);
if (!in_array($param_dir_name, array('', 'image', 'flash', 'media', 'file'))) {
echo "Invalid Directory name.";
exit;
}
if ($param_dir_name !=='') {
$param_root_path .=$param_dir_name . "/";
$root_url .=$param_dir_name . "/";
if (!file_exists($param_root_path)) {
mkdir($param_root_path);
}
}
$param_get_path=set_get("path");
if (empty($param_get_path)) {
$param_current_path=realpath($param_root_path) . '/';
$param_current_url=$root_url;
$current_dir_path='';
$moveup_dir_path='';
} else {
$param_current_path=realpath($param_root_path) . '/' . $param_get_path;
$param_current_url=$root_url . $param_get_path;
$current_dir_path=$param_get_path;
$moveup_dir_path=preg_replace('/(.*?)[^\/]+\/$/', '$1', $current_dir_path);
}
$param_order=empty(set_get("order")) ? 'name' : strtolower(set_get("order"));
if (preg_match('/\.\./', $param_current_path)) {
echo 'Access is not allowed.';
exit;
}
if (!preg_match('/\/$/', $param_current_path)) {
echo 'Parameter is not valid.';
exit;
}
if (!file_exists($param_current_path) || !is_dir($param_current_path)) {
echo 'Directory does not exist.';
exit;
}
$param_file_list=array();
if ($param_handle=opendir($param_current_path)) {
$i=0;
while (false !==($param_filename=readdir($param_handle))) {
if (substr($param_filename, 0, 1)=='.') continue;
$param_file=$param_current_path . $param_filename;
if (is_dir($param_file)) {
$param_file_list[$i]['is_dir']=true;
$param_file_list[$i]['has_file']=(count(scandir($param_file)) > 2);
$param_file_list[$i]['filesize']=0;
$param_file_list[$i]['is_photo']=false;
$param_file_list[$i]['filetype']='';
} else {
$param_file_list[$i]['is_dir']=false;
$param_file_list[$i]['has_file']=false;
$param_file_list[$i]['filesize']=filesize($param_file);
$param_file_list[$i]['dir_path']='';
$param_file_ext=strtolower(pathinfo($param_file, PATHINFO_EXTENSION));
$param_file_list[$i]['is_photo']=in_array($param_file_ext, $param_ext_arr);
$param_file_list[$i]['filetype']=$param_file_ext;
}
$param_file_list[$i]['filename']=$param_filename;
$param_file_list[$i]['datetime']=call_my_date('Y-m-d H:i:s', filemtime($param_file));
$i++;
}
closedir($param_handle);
}
function cmp_func($a, $b)
{
global $param_order;
if ($a['is_dir'] && !$b['is_dir']) {
return -1;
} else if (!$a['is_dir'] && $b['is_dir']) {
return 1;
} else {
if ($param_order=='size') {
if ($a['filesize'] > $b['filesize']) {
return 1;
} else if ($a['filesize'] < $b['filesize']) {
return -1;
} else {
return call_my_int_0();
}
} else if ($param_order=='type') {
return strcmp($a['filetype'], $b['filetype']);
} else {
return strcmp($a['filename'], $b['filename']);
}
}
}
usort($param_file_list, 'cmp_func');
$param_result=array();
$param_result['moveup_dir_path']=$moveup_dir_path;
$param_result['current_dir_path']=$current_dir_path;
$param_result['current_url']=$param_current_url;
$param_result['total_count']=count($param_file_list);
$param_result['file_list']=$param_file_list;
print_json($param_result);
}
public function call_up_ajax()
{
$param_div_id=set_get('div_id');
if (!isset($_FILES['imgFile'])) {
print_json(array('error'=> 1, 'success'=> 0, 'message'=> '没有检测到上传文件字段', 'msg'=> '没有检测到上传文件字段'));
}
$param_newwidth=set_get('' . 'newwidth');
$php_path=HDSYS_DIR_SYS . '/';
$save_path=$php_path . '/upfiles/attached/';
$save_url='../upfiles/attached/';
if (is_dir($php_path . '/upfiles/attached')===false) {
mkdir($php_path . '/upfiles/attached', 0777, true);
}
$ext_arr=array(
'image'=> array('gif', 'jpg', 'jpeg', 'png', 'bmp'),
'flash'=> array('swf', 'flv'),
'media'=> array('swf', 'flv', 'mp3', 'wav', 'wma', 'wmv', 'mid', 'avi', 'mpg', 'asf', 'rm', 'rmvb'),
'file'=> array('doc', 'docx', 'xls', 'xlsx', 'ppt', 'xhtm', 'xhtml', 'txt', 'zip', 'rar', 'gz', 'bz2'),
);
$max_size=20000000;
$save_path=realpath($save_path) . '/';
if (!empty($_FILES['imgFile']['error'])) {
switch ($_FILES['imgFile']['error']) {
case '1':
$error='超过php.ini允许的大小。';
break;
case '2':
$error='超过表单允许的大小。';
break;
case '3':
$error='图片只有部分被上传。';
break;
case '4':
$error='请选择图片。';
break;
case '6':
$error='找不到临时目录。';
break;
case '7':
$error='写文件到硬盘出错。';
break;
case '8':
$error='File upload stopped by extension。';
break;
case '999':
default:
$error='未知错误。';
}
print_json(array('error'=> 1, call_my_str_code()=> call_my_int_aeg1(), 'success'=> 0, 'message'=> $error, 'msg'=> $error));
}
if (empty($_FILES)===false) {
$param_File_Name=$_FILES['imgFile']['name'];
$param_tmp_name=$_FILES['imgFile']['tmp_name'];
$param_file_size=$_FILES['imgFile']['size'];
if (!$param_File_Name) {
print_json(array('error'=> 1, call_my_str_code()=> call_my_int_aeg1(), 'success'=> 0, 'message'=> "请选择文件。", 'msg'=> "请选择文件。"));
}
if (@is_dir($save_path)===false) {
print_json(array('error'=> 1, call_my_str_code()=> call_my_int_aeg1(), 'success'=> 0, 'message'=> "上传目录不存在。", 'msg'=> "上传目录不存在。"));
}
if (@is_writable($save_path)===false) {
print_json(array('error'=> 1, call_my_str_code()=> call_my_int_aeg1(), 'success'=> 0, 'message'=> "上传目录没有写权限。", 'msg'=> "上传目录没有写权限。"));
}
if (@is_uploaded_file($param_tmp_name)===false) {
print_json(array('error'=> 1, call_my_str_code()=> call_my_int_aeg1(), 'success'=> 0, 'message'=> "上传失败，确认目录可写。", 'msg'=> "上传失败，确认目录可写。"));
}
if ($param_file_size > $max_size) {
print_json(array('error'=> 1, call_my_str_code()=> call_my_int_aeg1(), 'success'=> 0, 'message'=> "上传文件大小超过限制。", 'msg'=> "上传文件大小超过限制。"));
}
$param_dir_name='';
$temp_arr=explode('.', $param_File_Name);
$param_file_ext=array_pop($temp_arr);
$param_file_ext=trim($param_file_ext);
$param_file_ext=strtolower($param_file_ext);
foreach ($ext_arr as $key=> $v) {
if (in_array($param_file_ext, $v)==true) {
$param_dir_name=$key;
break;
}
}
if (empty($ext_arr[$param_dir_name])) {
print_json(array('error'=> 1, call_my_str_code()=> call_my_int_aeg1(), 'success'=> 0, 'message'=> "上传文件后缀不支持", 'msg'=> "上传文件后缀不支持 :".$param_file_ext));
}
if (in_array($param_file_ext, $ext_arr[$param_dir_name])===false) {
print_json(array('error'=> 1, call_my_str_code()=> call_my_int_aeg1(), 'success'=> 0, 'message'=> "上传文件扩展名是不允许的扩展名。\n只允许" . implode(",", $ext_arr[$param_dir_name]) . "格式。", 'msg'=> "上传文件扩展名是不允许的扩展名。\n只允许" . implode(",", $ext_arr[$param_dir_name]) . "格式。"));
}
if ($param_dir_name !=='') {
$save_path .=$param_dir_name . "/";
$save_url .=$param_dir_name . "/";
if (!file_exists($save_path)) {
mkdir($save_path);
}
}
$ymd=date("Ymd");
$save_path .=$ymd . "/";
$save_url .=$ymd . "/";
if (!file_exists($save_path)) {
mkdir($save_path);
}
$new_file_name=date("YmdHis") . '_' . rand(10000, 99999) . '.' . $param_file_ext;
$param_file_path=$save_path . $new_file_name;
$param_data=file_get_contents($param_tmp_name);
if (substr($_FILES['imgFile']['type'], 0, 5)=='image') {
$param_data=call_my_ResizeImage($param_data, $param_newwidth, call_my_str_replace('image/', '', $_FILES['imgFile']['type']));
}
if (file_put_contents($param_file_path, $param_data)===false) {
print_json(array('error'=> 1, call_my_str_code()=> call_my_int_aeg1(), 'div_id'=> $param_div_id, 'success'=> 0, 'message'=> "上传文件失败，确认目录可写。", 'msg'=> "上传文件失败，确认目录可写。"));
}
$param_file_url=$save_url . $new_file_name;
print_json(array('error'=> 0, call_my_str_code()=> call_my_int_1(), 'div_id'=> $param_div_id, 'success'=> call_my_int_1(), 'message'=> "ok", 'url'=> $param_file_url));
}
}
function call_UpTemplatesBy()
{
$param_id=set_get('id');
if ($param_id=='') {
print_json(array(call_my_str_code()=> call_my_int_aeg1(), call_my_str_msg()=> 'ID不能空'));
}
$param_arr=$_FILES["file"];
if ($param_arr["type"] !="image/jpg" and $param_arr["type"] !="image/jpeg" and $param_arr["type"] !="image/png") {
print_json(array(call_my_str_code()=> call_my_int_aeg1(), call_my_str_msg()=> '上传的文件类型不符jpg/png ' . $param_arr["type"]));
}
if ($param_arr["size"] > 10241000) {
print_json(array(call_my_str_code()=> call_my_int_aeg1(), call_my_str_msg()=> '上传文件不能大1M,请压缩在上传'));
}
$param_arr["tmp_name"];
$param_dir='templates/' . $param_id . "/statics";
if (!is_dir(HDSYS_DIR_SYS . $param_dir)) {
if (new_is_writeable(HDSYS_DIR_SYS . $param_dir)) {
mkdir(HDSYS_DIR_SYS . $param_dir, 0777, true);
} else {
print_json(array(call_my_str_code()=> call_my_int_aeg1(), call_my_str_msg()=> $param_dir . '目录没有权限写入，请设置可写权限777'));
}
}
$param_dir='templates/' . $param_id . "/statics";
if (!is_dir(HDSYS_DIR_SYS . $param_dir)) {
if (new_is_writeable(HDSYS_DIR_SYS . $param_dir)) {
mkdir(HDSYS_DIR_SYS . $param_dir, 0777, true);
} else {
print_json(array(call_my_str_code()=> call_my_int_aeg1(), call_my_str_msg()=> $param_dir . '目录没有权限写入，请设置可写权限777'));
}
}
if (new_is_writeable(HDSYS_DIR_SYS . $param_dir)) {
} else {
print_json(array(call_my_str_code()=> call_my_int_aeg1(), call_my_str_msg()=> $param_dir . '目录没有权限写入，请设置可写权限777'));
}
$param_filename=HDSYS_DIR_SYS . "templates/{$param_id}/statics/templatesBy.png";
$param_data=file_get_contents($param_arr["tmp_name"]);
$param_data=call_my_ResizeImage($param_data, 500);
file_put_contents($param_filename, $param_data);
$param_delfile=set_get('dl');
if ($param_delfile) {
}
print_json(array(call_my_str_code()=> call_my_int_1(), call_my_str_msg()=> '文件上传成功'));
}
public function call_up_ajax_url()
{
$param_imgUrl=set_post('imgUrl');
$param_File_Name=$param_imgUrl;
$param_fm=set_post('fm');
$param_fmt=set_post('fmt');
$param_div_id=set_post('param_div_id');
if ($param_imgUrl=='') {
print_json(array('error'=> 1, 'success'=> 0, 'message'=> '没有检测到上传文件字段', 'msg'=> '没有检测到上传文件字段'));
}
$php_path=HDSYS_DIR_SYS . '/';
$save_path=$php_path . '/upfiles/attached/';
$save_url='../upfiles/attached/';
if (is_dir($php_path . '/upfiles/attached')===false) {
mkdir($php_path . '/upfiles/attached', 0777, true);
}
$ext_arr=array(
'image'=> array('gif', 'jpg', 'jpeg', 'png', 'bmp'),
'flash'=> array('swf', 'flv'),
'media'=> array('swf', 'flv', 'mp3', 'wav', 'wma', 'wmv', 'mid', 'avi', 'mpg', 'asf', 'rm', 'rmvb'),
'file'=> array('doc', 'docx', 'xls', 'xlsx', 'ppt', 'htm', 'html', 'txt', 'zip', 'rar', 'gz', 'bz2'),
);
$max_size=1000000;
$save_path=realpath($save_path) . '/';
if (!empty($_FILES['imgFile']['error'])) {
switch ($_FILES['imgFile']['error']) {
case '1':
$error='超过php.ini允许的大小。';
break;
case '2':
$error='超过表单允许的大小。';
break;
case '3':
$error='图片只有部分被上传。';
break;
case '4':
$error='请选择图片。';
break;
case '6':
$error='找不到临时目录。';
break;
case '7':
$error='写文件到硬盘出错。';
break;
case '8':
$error='File upload stopped by extension。';
break;
case '999':
default:
$error='未知错误。';
}
print_json(array('error'=> 1, call_my_str_code()=> call_my_int_aeg1(), 'success'=> 0, 'message'=> $error, 'msg'=> $error));
}
if ($param_imgUrl !=false) {
if (@is_dir($save_path)===false) {
print_json(array('error'=> 1, call_my_str_code()=> call_my_int_aeg1(), 'success'=> 0, 'message'=> "上传目录不存在。", 'msg'=> "上传目录不存在。"));
}
if (@is_writable($save_path)===false) {
print_json(array('error'=> 1, call_my_str_code()=> call_my_int_aeg1(), 'success'=> 0, 'message'=> "上传目录没有写权限。", 'msg'=> "上传目录没有写权限。"));
}
$param_dir_name=empty(set_get('dir')) ? 'image' : trim(set_get('dir'));
if (empty($ext_arr[$param_dir_name])) {
print_json(array('error'=> 1, call_my_str_code()=> call_my_int_aeg1(), 'success'=> 0, 'message'=> "目录名不正确。", 'msg'=> "目录名不正确。"));
}
if ($param_dir_name !=='') {
$save_path .=$param_dir_name . "/";
$save_url .=$param_dir_name . "/";
if (!file_exists($save_path)) {
mkdir($save_path);
}
}
$ymd=date("Ymd");
$save_path .=$ymd . "/";
$save_url .=$ymd . "/";
if (!file_exists($save_path)) {
mkdir($save_path);
}
$new_file_name=date("YmdHis") . '_' . rand(10000, 99999) . '.' . 'png';
$param_file_path=$save_path . $new_file_name;
$param_data=@file_get_contents($param_imgUrl);
if (!$param_data) {
print_json(array('error'=> 1, call_my_str_code()=> call_my_int_aeg1(), 'success'=> 0, 'message'=> "获取失败,url防盗接。", 'msg'=> "获取失败,url防盗接。"));
}
if (file_put_contents($param_file_path, $param_data)==false) {
print_json(array('error'=> 1, call_my_str_code()=> call_my_int_aeg1(), 'success'=> 0, 'message'=> "上传文件失败，确认目录可写。", 'msg'=> "上传文件失败，确认目录可写。"));
}
$param_file_url=$save_url . $new_file_name;
print_json(array('error'=> 0, call_my_str_code()=> call_my_int_1(), 'success'=> call_my_int_1(), 'div_id'=> $param_div_id, 'message'=> "ok", 'url'=> $param_file_url));
}
}
}
